Based on discussions with Stock Exchanges, Clearing Corporations, Depositories (hereinafter referred as ‘Market Infrastructure Institutions – MIIs), and recommendations of Technical Advisory Committee (TAC) of SEBI, the existing System Audit Framework has been reviewed.
MIIs are advised to conduct an Annual System Audit as per the framework of Annexure 1 and Terms of Reference (TOR) of Annexure 2. MIIs are also advised to maintain a list of all the relevant SEBI circulars/ directions/ advices, etc. pertaining to technology and compliance thereof, as per format of Annexure 3 and the same shall be included under the scope of System Audit.
Further, MIIs are advised to submit information with regard to exceptional major Non-Compliances (NCs)/ minor NCs observed in the System Audit as per format of Annexure 4 and are advised to categorically highlight those observations/NCs/suggestions pointed out in the System Audit (current and previous) which remain open.
The Systems Audit Report including compliance with SEBI circulars/ guidelines and exceptional observation format along with compliance status of previous year observations shall be placed before the Governing Board of the MII and then the report along with the comments of the Management of the MII shall be communicated to SEBI within a month of completion of audit. Further, along with the audit report, MIIs are advised to submit a declaration from the MD / CEO certifying the security and integrity of their IT Systems.
Annexure 1 System Audit FrameworkAnnexure 2 Terms of Reference (TOR) for System Audit Program Annexure 3 Format for monitoring compliance with SEBI circulars/guidelines/advisories related to TechnologyAnnexure 4 Exception Observation Reporting Format
For Further https://www.sebi.gov.in/legal/circulars/jan-2020/annual-system-audit-of-market-infrastructure-institutions_45573.html